1. Field of the Invention
This invention relates to secure end-to-end communications systems. More particularly, the invention relates to a vault controller based registration application serving web-based registration authorities and end users for conducting electronic commerce in a secure end-to-end distributed information system, e.g. the Internet.
2. Background Discussion
Traditionally, organizations such as retailers, banks, and insurance companies, in conducting electronic business, register their customers or users and control their access to business software applications with a user identification (user ID) and password. The user ID and password establish a user identity for accessing secure information. The password is the "virtual key" that authenticates a user. However, a password does not provide the security needed for electronic business. Passwords have the following limitations:
(a) Can be compromised during log-on by on-lookers;
(b) Can be easily intercepted on the internet if the transaction is not secured with a secure web protocol, such as a secure socket layer (SSL);
(c) Authenticate a user to a host but not a host to a user;
(d) Can be discovered using automatic "trial and error" techniques;
(e) Do not protect transmitted information; and
(f) Do not ensure the access is limited to authorized entities and applications.
A new approach to conducting electronic business on the internet is described in the cross-reference application. In this approach, digital keys have replaced user identification password pairs. Public key cryptography uses mathematically related public-private key pairs. Only the private key can decrypt the information the public key has encrypted. The public key can be made available to anyone. The private key is kept secret by the holder.
Just as digital keys are replacing user identification-password pairs in electronic business, digital signatures are replacing physical signatures. A digital signature is a coded message affixed to a document or data that helps guarantee the identity of the sender, thereby providing a greater level of security than a physical signature. A digital signature identifies the sender because only the sender's private key can create the signature. The key also helps ensure that the content of the signed message cannot be altered without the recipient being able to discover that the message has been altered. Digital certificates are replacing their physical counterpart, hard-copy credentials. Digital certificates issued by a certification authority vouch for (or certify) the key of an individual, software application, organization or business. The certificate performs a role similar to that of a driver's license or medical diploma: the certificate certifies that the bearer of the corresponding private key is authorized (by an organization) to conduct certain activities for that organization.
However, the life cycle of digital certificates is similar to that of physical certificates. Digital certificates are issued after an authorization in which a user is given the right to use a digital certificate for a specified period of time. The certificate may be temporarily suspended when a user reports a lost certificate. The certificate may then be resumed or revoked by the organization. Finally, digital certificates expire. For secure end-to-end communications in electronic business, a certificate must therefore be validated to determine whether it has expired, been revoked, or been suspended.
Digital certificates are issued through authorized registrars known as Registration Authorities (RAs). The RAs determine whether the applicant should be authorized to access secure applications or services and set in motion a process to issue a certificate. A Certification Authority (CA) issues the digital certificate after approval by the Registration Authority. The certificate is a binding between a public key and an identity, i.e., a person, organization, or computer device. The certificate includes a subject name, issuer name, public key, validity period, unique serial number, and CA digital signature. A CA guarantees the authenticity of the certificate through its digital signature. The certificate may be revoked at any time. The serial numbers of revoked certificates are added to a Certificate Revocation List (CRL) published in an X.500 Directory based on a standard defined by the International Telecommunication Union (ITU).
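The life cycle just described (issue, suspend, resume, revoke, expire) and the validation a relying party must perform, written up as an added illustration rather than code from the patent; the class and method names are assumptions, time is modelled as integer days, and the CRL is simply the set of revoked serial numbers.

```python
# Added example, not the patent's code: the certificate life cycle as a small state machine,
# plus the validation check (expired? revoked? suspended?) the text says must precede trust.
# Class/method names are assumptions; times are integer days; the CRL is a set of serials.
from typing import Dict, Set, Tuple

class CertificateRegistry:
    def __init__(self) -> None:
        self.certs: Dict[str, dict] = {}   # serial -> {"status", "not_before", "not_after"}
        self.crl: Set[str] = set()         # serial numbers of revoked certificates, as published

    def issue(self, serial: str, not_before: int, lifetime: int) -> None:
        # Issuance grants the right to use the certificate for a fixed validity period.
        self.certs[serial] = {"status": "issued", "not_before": not_before,
                              "not_after": not_before + lifetime}

    def _transition(self, serial: str, allowed_from: Tuple[str, ...], new_status: str) -> None:
        cert = self.certs[serial]
        if cert["status"] not in allowed_from:
            raise RuntimeError(f"{serial}: cannot go from {cert['status']} to {new_status}")
        cert["status"] = new_status

    def suspend(self, serial: str) -> None:            # e.g. the user reports the certificate lost
        self._transition(serial, ("issued",), "suspended")

    def resume(self, serial: str) -> None:             # the organization lifts the suspension
        self._transition(serial, ("suspended",), "issued")

    def revoke(self, serial: str) -> None:             # final: a revoked certificate never resumes
        self._transition(serial, ("issued", "suspended"), "revoked")
        self.crl.add(serial)

    def validate(self, serial: str, now: int) -> str:
        # Returns "valid" or the first reason the certificate must not be trusted.
        cert = self.certs.get(serial)
        if cert is None:
            return "unknown"
        if serial in self.crl:
            return "revoked"
        if cert["status"] == "suspended":
            return "suspended"
        if now < cert["not_before"]:
            return "not yet valid"
        if now > cert["not_after"]:
            return "expired"
        return "valid"
```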
A secure operating environment is required by RAs and end users in conducting the registration process for the issuance of digital certificates which uniquely identify end users. A preferred secure operating environment employs "Vault Technology", described in the above mentioned cross-related application, Ser. Number 08/980,022, filed Jun. 13, 1997. Briefly stated, "Vault Technology" provides a secure environment in a web server using a vault controller which provides security from other processes running on the same server. The vault controller provides secure areas or personal storage vaults, e.g. a directory on a disk to which only the owner has a key linked to a digital certificate. System operators, administrators, certificate authorities, registration authorities and others cannot get to stored information or secure processes in such personal vaults. Combined with a Secure Sockets Layer (SSL), the controller enables secure registration transactions that require multiple sessions using personal vaults. The personal vault is owned by a particular UNIX account that is linked to a user with a specific vault access certificate. The content of the vault is encrypted and contains an encryption key pair and a signing key pair, both of which are password protected. Each vault has a unique distinguished name in an X.500 Directory that provides storage for specific items essential to a Public Key Infrastructure (PKI) in carrying out the registration process.
A vault controller based registration application is needed to serve web based registration authorities and end users in managing the issuance and administration of digital certificates for accessing secure processes using PKI in conducting electronic commerce in a distributed information system, e.g. the Internet.
An object of the invention is a vault controller based registration application and method of operation for web based Registration Authorities and end users in conducting electronic commerce.
Another object is a vault controller based registration application including an enrollment component and method of operation which provides web pages and functions that implement a process of applying and receiving a digital certificate by an end user.
Another object is a vault controller based registration application including a RA desktop component and method of operation for web based RAs in processing end user requests for certificates.
Another object is a vault controller based registration application including a master registration application component and method of operation which supports end users and RAs in the processing of end user certificate requests and the generation of digital certificates.
Another object is a master registration application including policy exit components for customizing registration application behavior consistent with customer requirements.
Another object is a vault controller based registration application including a database component and method of operation for storing and retrieving information about end user applicants, certificate requests and their processing history.
These and other objects, features and advantages are achieved in a secure end-to-end communication system using PKI for conducting electronic commerce. The system includes web based RAs and end users coupled to a vault controller. The controller includes a registration application which includes an enrollment component which provides web pages and functions that implement a vault based process of applying for and receiving a digital certificate by an end user; a RA desktop component which runs in a vault and serves web based RAs in processing end user requests for certificates; and a master registration application component which runs in a vault and supports end users and RAs in the processing of end user certificate requests and the generation of digital certificates. The master registration application further includes policy exit components for customizing registration application behavior consistent with customer requirements. A database component stores and retrieves information about end user applicants, certificate requests and their processing history. In one embodiment, a user submits an enrollment form to the vault controller requesting a certificate. The form contains a set of attributes including user PKI characteristics. The form is validated in the registration application by the enrollment component, which submits the approved form to the master registration component. An application for a certificate is created by the master registration component for the end user and saved in the database. The master registration component adds and updates attributes of the application and subjects the application to the policy exits, which conform the application to the practices of the organization(s) recognizing the certificate. The application is approved or rejected by the RA desktop component.
If approved, the master registration component is notified and generates the requested certificate, including a Distinguished Name (DN) as an attribute for entry in an X.500 Directory. The certificate is sent to the requesting user's browser. Receipt is confirmed by the end user invoking a confirmation function in the registration application when the certificate is used. If rejected by the RA desktop, an e-mail notification is sent to the end user by the RA desktop.
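The embodiment described above (form validation by the enrollment component, application creation in the database, customer policy exits, RA approval or rejection, certificate generation with a DN, and end user confirmation) as an added toy model; this is not the patent's code, and the class and method names, the required form attributes and the policy-exit signature are assumptions made for the illustration.

```python
# Added example, not the patent's code: a toy model of the registration flow the text describes.
# Class/method names, the enrollment-form attributes and the policy-exit signature are assumptions.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

@dataclass
class Application:
    app_id: int
    attributes: Dict[str, str]
    status: str = "pending"                 # pending -> issued | rejected; issued -> confirmed
    certificate: Optional[Dict[str, str]] = None

class MasterRegistration:
    REQUIRED = ("common_name", "email", "public_key")   # assumed attributes of the enrollment form
    # A policy exit may add or update attributes in place; returning a string rejects the application.
    def __init__(self, org_dn: str, policy_exits: List[Callable[[Dict[str, str]], Optional[str]]]):
        self.org_dn, self.policy_exits = org_dn, policy_exits
        self.db: Dict[int, Application] = {}            # database component
    def enroll(self, form: Dict[str, str]) -> Application:
        # Enrollment component validates the form; the master component creates and saves the application.
        missing = [k for k in self.REQUIRED if not form.get(k)]
        if missing:
            raise ValueError(f"invalid enrollment form, missing {missing}")
        app = Application(len(self.db) + 1, dict(form))
        for exit_fn in self.policy_exits:               # customer policy exits run before the RA sees it
            reason = exit_fn(app.attributes)
            if reason:
                app.status, app.attributes["rejection_reason"] = "rejected", reason
                break
        self.db[app.app_id] = app
        return app
    def ra_decide(self, app_id: int, approve: bool) -> Application:
        # RA desktop approves or rejects a pending application; approval makes the master component issue.
        app = self.db[app_id]
        if app.status != "pending":
            raise RuntimeError(f"application {app_id} is {app.status}, not pending")
        if not approve:
            app.status = "rejected"                     # RA desktop e-mails the end user
            return app
        dn = f"CN={app.attributes['common_name']},{self.org_dn}"
        app.attributes["dn"], app.status = dn, "issued"  # DN recorded as an application attribute
        app.certificate = {"subject": dn, "issuer": self.org_dn, "serial": f"{app_id:08d}",
                           "public_key": app.attributes["public_key"]}   # sent to the user's browser
        return app
    def confirm(self, app_id: int) -> Application:     # invoked by the end user when the certificate is used
        app = self.db[app_id]
        if app.status != "issued":
            raise RuntimeError(f"application {app_id} is {app.status}, not issued")
        app.status = "confirmed"
        return app
```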